/*******************************************************************************
 * Copyright (c) 2010, 2030 www.mahao.cn
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 *******************************************************************************/
package cn.itlaobing.eshopmanagement.controller;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;

import cn.itlaobing.eshopmanagement.entity.SystemAccount;
import cn.itlaobing.eshopmanagement.service.SessionService;
import cn.itlaobing.eshopmanagement.untils.RandomValidateCode;

/** 
 * ClassName: SessionController <br/> 
 * Function: 个人中心 <br/> 
 * date: 2017年5月22日 上午11:46:46 <br/> 
 * 
 * @author 雪儿 
 * @version  
 * @since JDK 1.8 
 */
@Controller
public class SessionController extends BaseController {
	@Autowired
	private SessionService sessionService;
	
	
	public static final String CURRENT_ACCOUNT="currentAccount";
	
	//主页  个人中心
	@RequestMapping(value={"","/","/index","/home"})
	public String index(){
		return "home/index";
	}
	@RequestMapping(value={"/file"})
	public String upload(){
		return "fileuploadDemo/file";
	}
	
	//加载登录页面
	@RequestMapping(value={"/signin"},method=RequestMethod.GET)
	public String signin(){
		return "signin";
	}
	
	//登录
	@RequestMapping(value={"/signin"},method=RequestMethod.POST)
	public String signin(String account,String password
			,HttpSession session
			,Model model){
		SystemAccount acc=sessionService.validate(account, password);
		if(acc!=null){//登录成功
			if (acc.getLocked()) { // 已被锁定，返回null
				model.addAttribute("signInError","用户已被锁定，请联系管理员进行解锁后再登录");
				return "signin";
			}
			session.setAttribute(CURRENT_ACCOUNT, acc);
			//更新最后一次登录的时间
			sessionService.updateLastSignInDateTime(acc.getAccount());
			return "redirect:/index";
		}else{
			model.addAttribute("signInError","用户名或者密码有误");
			return "signin";
		}
		
	}
	//退出
	@RequestMapping(value={"/signout"},method=RequestMethod.GET)
	public String signOut(HttpSession session){
		session.invalidate();
		return "redirect:/signin";
	}


	@RequestMapping(value={"/yzm"},method=RequestMethod.GET)
	public void imgYZM(HttpServletRequest request,HttpServletResponse response){
		RandomValidateCode.getRandCode(request, response);
	}

	
	//加载修改密码页面
	@RequestMapping(value={"/changepwd"},method=RequestMethod.GET)
	public String changePwd(){
		return "systemAccounts/changepwd";
	}
	
	//修改密码
	@RequestMapping(value={"/changepwd"},method=RequestMethod.POST)
	public String changePwdPost(String password,RedirectAttributes redirectAttributes,HttpSession session){
		SystemAccount account=(SystemAccount) session.getAttribute(CURRENT_ACCOUNT);
		account.setPasswordDigist(password);
		sessionService.update(account);
		session.invalidate();
		redirectAttributes.addFlashAttribute("success", "修改"+account.getAccount()+"密码成功！");
		return "redirect:/index";
	}
	
	//验证密码
	@RequestMapping(value={"/ModifyPass"},method=RequestMethod.POST)
	@ResponseBody
	public SystemAccount ModifyPass(String oldpass,HttpSession session){
		SystemAccount account=(SystemAccount) session.getAttribute(CURRENT_ACCOUNT);
		return sessionService.validate(account.getAccount(), oldpass);
	}
	
	//加载修改密码页面
	@RequestMapping(value={"/updateHead"},method=RequestMethod.GET)
	public String updateHead(){
		return "systemAccounts/updateHead";
	}
}
